Schema to send a file as request body for an API fuzzing

[Anudeep541]

Is there a schema method or specific parameter to set to include a local file as a request body when fuzzing an REST endpoint. When tried with schema type as string and format as binary in OpenAPI Specification as described here https://swagger.io/docs/specification/describing-request-body/file-upload/ and the compiled grammar when used for fuzzing doesn't show the request body as uploading a file.

[marina-p]

Hello @Jane2197,

Thank you for reporting this issue (and the others you opened). For this one, RESTler does not currently support/recognize the "binary" format in the specification. However, you may be able to get this working by modifying the grammar manually.

I've pushed some changes to the mp/formdata_fix branch, the commit message has an explanation for how to modify the grammar and dictionary to send a file as the body. If you have time to try this out, please let us know if it works for you.

(If the above works for you, please leave this issue open so we can track supporting the binary format in the RESTler compiler.)

Thanks,

Marina

[Anudeep541]

Hi,

I tried file uploading with the mentioned branch by adding required changes in grammar.py and dict.json, but observed following issues

1. For a file with extension .bin shows the following errors when running RESTler in TEST mode

• The prompt after executing test mode command shows the following error

ERROR: Restler engine failed
Task Test failed.

• The log in file EngineStdOut.txt inside Test folder shows the following

Initializing: Garbage collection every 30 seconds.
Unhandled exception reading stream. Error:'utf-8' codec can't decode byte 0x94 in position 0: invalid start byte
Terminating garbage collection. Waiting for max 300 seconds.

2. For a file with extension .txt, file is successfully uploaded to the server but the following issues are observed when running RESTler in TEST mode

• The prompt after executing test mode command shows the following error

ERROR: Results analyzer for logs in </path/to/Test> failed.

• The log in file ResultsAnalyzerStdErr.txt shows the following

Cannot deserialize mutations dictionary: An exception occurred during deserialization:  Newtonsoft.Json.JsonSerializationException: Could not find member 'restler_multipart_formdata' on object of type 'MutationsDictionary'. Path 'restler_multipart_formdata', line 26, position 33.

• Uploaded file has the following lines are added to start of the file

Content-Type: multipart/form-data; boundary=_CUSTOM_BOUNDARY_1632293617
--_CUSTOM_BOUNDARY_1632293617
Content-Disposition: form-data; name="file1"; filename="test.txt"
Content-Type: application/octet-stream

and at the end of file

--_CUSTOM_BOUNDARY_1632293617--

Thank you

[marina-p]

@Jane2197 thanks for trying this out and for the detailed logs. I see now the issue with the file upload.

I will get back to you when back from vacation next week with a fix.

Thanks,

Marina